Add OpenSSF Scorecard workflow

Author: nosborn

.github/workflows/scorecard.yml

@@ -30,19 +30,10 @@ jobs:
       - name: Run analysis
         uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
         with:
-          # file_mode: git
-          publish_results: false
-          # repo_token: ${{ secrets.SCORECARD_TOKEN }}
+          publish_results: true
           results_file: results.sarif
           results_format: sarif
 
-      # - name: Upload artifact
-      #   uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
-      #   with:
-      #     name: SARIF file
-      #     path: results.sarif
-      #     retention-days: 5
-
       - name: Upload to code scanning
         uses: github/codeql-action/upload-sarif@86b04fb0e47484f7282357688f21d5d0e32175fe # v3.29.0
         with:

README.md

@@ -4,6 +4,7 @@ A GitHub Action that performs style checking and linting for Markdown/CommonMark
 
 [![CI Workflow Status](https://github.com/nosborn/github-action-markdown-cli/actions/workflows/ci.yml/badge.svg)](https://github.com/nosborn/github-action-markdown-cli/actions/workflows/ci.yml)
 [![Release Workflow Status](https://github.com/nosborn/github-action-markdown-cli/actions/workflows/release.yml/badge.svg)](https://github.com/nosborn/github-action-markdown-cli/actions/workflows/release.yml)
+[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/{owner}/{repo}/badge)](https://scorecard.dev/viewer/?uri=github.com/nosborn/github-actions-markdown-cli)
 
 ## Usage